Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

WEBINAR:On-Demand

Nearly three-quarters of companies have been affected by internal information security incidents, according to the IT Security Risks Survey 2015 conducted by Kaspersky Lab and B2B International.

The worldwide survey of more than 5,500 IT specialists also found that the largest single cause of confidential data losses consists of employees (42 percent).

The survey also reported cases of accidental data leaks (28 percent) and intentional leaks of valuable company data (14 percent).

In addition to data leaks, internal threats included the loss or theft of employee mobile devices, with 19 percent of respondents confirming that they had lost a mobile device containing corporate data at least once a year.

Further reading

"One of the most concerning stats from this survey is the fact that 73 percent of companies have been affected by internal information security incidents," Andrey Pozhogin, senior product marketing manager at Kaspersky Lab North America, told eWEEK. "This is concerning to me because that high number indicates businesses are not doing enough to educate their employees on the important role they play in an organization’s IT security strategy."

Pozhogin noted that, in addition, another survey Kaspersky had released found the average cost to recover from a cyber-attack is $551,000 for enterprises and $38,000 for small businesses.

"Those incredibly high numbers should serve as a wake-up call to businesses of all sizes to not only improve IT security by implementing effective cyber-security technology and strategies to help prevent external attacks, but also to devote more resources toward educating employees about cyber-security to prevent internal security incidents from affecting the organization," he said.

The survey found that 15 percent of organizations encountered situations where company resources, including finances, were used by employees for their own purposes.

The losses caused by these incidents exceeded the damage caused by confidential data leaks for enterprises, the report found.

Small and midsize businesses lose up to $40,000 on average from fraudulent activity by employees, while the figure for enterprises exceeds $1.3 million.

"Organizations continue to expand their IT infrastructure, adding new components to help business operations. This expansion adds new vulnerabilities and threat vectors into the IT environment and, as a result, it may be difficult for employees to keep pace with rapidly changing IT environments and evolving threats," Pozhogin said. "With proper and consistent cyber-security training in place, employees will be able to not only keep pace with new technology and evolving threats targeting those systems or devices, but will also be better equipped to play the important role they have in keeping a business safe from cyber-security incidents."

By submitting your information, you agree that eweek.com may send you eWEEK offers via email, phone and text message, as well as email offers about other products and services that eWEEK believes may be of interest to you. eWEEK will process your information in accordance with the Quinstreet Privacy Policy.

We ran into a problem

We already have your email address on file. Please use the "Forgot your password?" link to create a password, validate your email and login.